Hi everyone,
was trying to make login. wanted to make the query to get details off sql safer and used sprintf but it does not work.
the code is as follow:
<?php
session_start();
include('db.php');
if(isset($_POST['submit'])) :
// Username and password sent from signup form
//stripping
$username = strip_tags($_POST['username']);
$password = sha1(strip_tags($_POST['password']));
// Making query safer
$query = sprintf("SELECT ID FROM members WHERE username = '%s' AND user_password = '%s' LIMIT 1;", mysql_real_escape_string($username), mysql_real_escape_string($password));
$result = mysql_query($query);
if(1 != mysql_num_rows($result)) :
// MySQL returned zero rows (or there's something wrong with the query)
echo "Login failed";
else :
// We found the row that we were looking for
$row = mysql_fetch_assoc($result);
// Register the user ID for further use
$_SESSION['member_ID'] = $row['ID'];
header('Location: members-only.php');
endif;
endif;
?>
I entered the login details i stored in mysql but get 'Login failed' no matter wat i enter in the login form.
Any help would be appreciated.
Thank you